Appl. No. 09/998,893 PATENT 
Amdt. dated July 1, 2009 
Amendment under 37 CFR 1.114 
Request for Continued Examination 

Amendments to the Claims: 

Please cancel claim 8 without prejudice or disclaimer. This listing of claims will 
replace all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1 . (Currently Amended) A method comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said first workflow calls for obtaining an 
approval from an entity associated with the first user and identified in a user profile for the first 
user maintained by the Identity System before performing a certificate related actio n for users 
having a first user type , wherein said second workflow does not call for obtaining an approval 
before performing a certificate related actio n for users having a second user type , wherein said 
first workflow for responding to said request corresponds to said first certificate related action 
and a set of characteristics for said first user from the identity profile for the first user, the set of 
characteristics for the first user including a user type for the first user, and wherein retrieving the 
first workflow further comprises selecting the first workflow from the plurality of workflows 
based on the first certificate related action and the a user type of the first user[[.]l from a set of 
characteristics for the first user from an identity profile for the first user maintained by the 
Identity System being the first user type; and 
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performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from an entity associated with the first user and identified in the 
identity profile for the first user and obtaining a certificate based on the approval response. 



2.-6. (Canceled) 

7. (Previously Presented) The method of claim 1, further comprising: 
receiving said plurality of workflows. 

8. (Canceled) 

9. (Currently Amended) The method of claim [[8]] 1, further comprising: 
receiving a second request for a second certificate related action for a second user 



wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a sot of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 



second workflow from the plurality of workflows based on the second certificate related action 
the a user type of the second user[[;H from a set of characteristics for the second user from an 
identity profile for the second user maintained by the Identity System being the second user type ; 
and 




-retrieving the second workflow further comprises selecting the 



performing said second workflow, wherein performing said second workflow 



comprises: 



obtaining a second certificate without retrieving an approval response. 
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10. (Previously Presented) The method of claim 9, wherein said first 
certificate related action is a certificate enrollment action and said second certificate related 
action is a certificate enrollment action. 

1 1 . (Previously Presented) The method of claim 9, wherein said first 
certificate related action is a certificate renewal action and said second certificate related action 
is a certificate renewal action. 

12. (Previously Presented) The method of claim 1, further comprising: 
performing said first workflow, wherein said first certificate related action is a 

certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

13. (Previously Presented) The method of claim 1, further comprising: 
performing said first workflow, wherein said first certificate related action is a 

certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate renewal, wherein obtaining the certificate renewal 

comprises: 

authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving a certificate renewal acknowledgement. 

14. (Previously Presented) The method of claim 1, further comprising: 
performing said first workflow, wherein said first certificate related action is a 

certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
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authenticating said first user; and 



PATENT 



forwarding said request to a Certificate Processing Server. 

15. (Canceled) 

16. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; an4 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said first workflow calls for obtaining an 
approval from an entity associated with the first user and identified in a user profile for the first 
user maintained by the Identity System before performing a certificate related actio n for users 
having a first user type , wherein said second workflow does not call for obtaining an approval 
before performing a certificate related actio n for users having a second user type , wherein said 
first workflow for responding to said request corresponds to said first certificate related action 
and a set of characteristics for said first user from the identity profile for the first user, the set of 
characteristics for the first user including a user typo for the first user, and wherein retrieving the 
first workflow further comprises selecting the first workflow from the plurality of workflows 
based on the first certificate related action and the a user type of the first userlT.11 from a set of 
characteristics for the first user from an identity profile for the first user maintained by the 
Identity System being the first user type; and 
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performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from an entity associated with the first user and identified in the 
identity profile for the first user and obtaining a certificate based on the approval response. 

17.-19. (Canceled) 

20. (Previously Presented) One or more processor readable storage devices 
according to claiml6, wherein said method further comprises: 

receiving said plurality of workflows. 

21 . (Currently Amended) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein performing said first workflow 

comprises: 

retrieving an approval response from the entity associated with the first 

user; and 

obtaining a certificate; 

receiving a second request for a second certificate related action for a second user 
wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a set of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 
the second user, and wherein retrieving the second workflow further comprises selecting the 
second workflow from the plurality of workflows based on the second certificate related action 
the a user type of the second user[[;H from a set of characteristics for the second user from an 
identity profile for the second user maintained by the Identity System being the second user type ; 
and 
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performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 

22. (Previously Presented) One or more processor readable storage devices 
according to claim 21, wherein said first certificate related action is a certificate enrollment 
action and said second certificate related action is a certificate enrollment action. 

23. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

24. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

25. (Previously Presented) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 
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performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 

forwarding said request to a Certificate Processing Server. 

26. (Canceled) 

27. (Currently Amended) An apparatus comprising: 
one or more communications interfaces; 

one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, wherein 
each workflow in said plurality of workflows corresponds to a different set of characteristics for 
a user, wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of directives is 
different from said second set of directives, wherein said first workflow calls for obtaining an 
approval from an entity associated with the first user and identified in a user profile for the first 
user maintained by the Identity System before performing a certificate related actio n for users 
having a first user type , wherein said second workflow does not call for obtaining an approval 
before performing a certificate related actio n for users having a second user type , wherein said 
first workflow for responding to said request corresponds to said first certificate related action 
and a sot of characteristics for said first user from the identity profile for the first user, the sot of 
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characteristics for the first user including a user typo for the first user, and wherein retrieving the 
first workflow further comprises selecting the first workflow from the plurality of workflows 
based on the first certificate related action and the a user type of the first user[[.]l from a set of 
characteristics for the first user from an identity profile for the first user maintained by the 
Identity System being the first user type; and 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from an entity associated with the first user and identified in the 
identity profile for the first user and obtaining a certificate based on the approval response. 

28.-30. (Canceled) 

3 1 . (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

receiving said plurality of workflows. 

32. (Currently Amended) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein performing said first workflow 

comprises: 

retrieving an approval response from the entity associated with the first 

user; and 

obtaining a certificate; 

receiving a second request for a second certificate related action for a second user 
wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action; 

retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a set of characteristics for said second user from an identity profile for the 
second user maintained by the Identity System, the set of characteristics including a user type for 
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the second user, and wherein retrieving the second workflow further comprises selecting the 
second workflow from the plurality of workflows based on the second certificate related action 
the a user type of the second user[[;H from a set of characteristics for the second user from an 
identity profile for the second user maintained by the Identity System being the second user type ; 
and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 

33. (Previously Presented) The apparatus of claim 32, wherein said first 
certificate related action is a certificate enrollment action and said second certificate related 
action is a certificate enrollment action. 

34. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

35. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 
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forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

36. (Previously Presented) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 

forwarding said request to a Certificate Processing Server. 

37. (Canceled) 

38. (Currently Amended) A method comprising: 

receiving a first request for a first certificate related action for a first user; 
retrieving a first workflow for responding to said first request from a plurality of 

workflows, 

wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action for users having a first 
user type , 

wherein a second workflow of the plurality of workflows does not call for 
obtaining an approval before performing a certificate related action for users having a second 
user type , and 
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wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workflow from the plurality of workflows based on the first 
certificate related action and a user type of the first use r being the first user type ; 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from the an entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 

retrieving [[a]] said second workflow for responding to said second request from 
said plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user typo of said second user retrieving the second workflow for responding 
to said second request further comprises selecting the second workflow from the plurality of 
workflows based on the second certificate related action and a user type of the second user being 
the second user type ; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response. 

39. (Previously Presented) The method of claim 38, further comprising: 
receiving said plurality of workflows. 

40. (Canceled) 

41 . (Previously Presented) The method of claim 38, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 

42. (Previously Presented) The method of claim 38, wherein receiving the 
first request, retrieving the first workflow, performing the first workflow, receiving the second 
request, retrieving the second workflow, and performing the second workflow are performed by 
an Identity System in communication with an Access System. 
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43. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving a first request for a first certificate related action for a first user; 
retrieving a first workflow for responding to said first request from a plurality of 

workflows, 

wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action for users having a first 
user type , 

wherein a second workflow of the plurality of workflows does not call for 
obtaining an approval before performing a certificate related action for users having a second 
user type , and 

wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workflow from the plurality of workflows based on the first 
certificate related action and a user type of the first use r being the first user type ; 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from the an entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 

retrieving [[a]] said second workflow for responding to said second request from 
said plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user typo of said second user retrieving the second workflow for responding 
to said second request further comprises selecting the second workflow from the plurality of 
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workflows based on the second certificate related action and a user type of the second user being 
the second user type ; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response. 

44. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein said method further comprises: 

receiving said plurality of workflows. 

45. (Canceled) 

46. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein said first certificate related action and said second certificate 
related action call for the same certificate related action. 

47. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein receiving the first request, retrieving the first workflow, 
performing the first workflow, receiving the second request, retrieving the second workflow, and 
performing the second workflow are performed by an Identity System in communication with an 
Access System. 

48. (Currently Amended) An apparatus comprising: 
one or more communications interfaces; 

one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving a first request for a first certificate related action for a first user; 
retrieving a first workflow for responding to said first request from a plurality of 

workflows, 
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wherein said first workflow corresponds to said first certificate related 
action and a sot of characteristics for said first user, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval from an entity 
associated with the first user before performing a certificate related action for users having a first 
user type , 

wherein a second workflow of the plurality of workflows does not call for 
obtaining an approval before performing a certificate related action for users having a second 
user type , and 

wherein retrieving the first workflow for responding to said first request 
further comprises selecting the first workflow from the plurality of workflows based on the first 
certificate related action and a user type of the first use r being the first user type ; 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from the an entity associated with the first user and obtaining a 
certificate; 

receiving a second request for a second certificate related action for a second user; 

retrieving [[a]] said second workflow for responding to said second request from 
said plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user type of said second user retrieving the second workflow for responding 
to said second request further comprises selecting the second workflow from the plurality of 
workflows based on the second certificate related action and a user type of the second user being 
the second user type ; and 

performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response. 

49. (Previously Presented) The apparatus of claim 48, wherein said method 
further comprises: 

receiving said plurality of workflows. 
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50. (Canceled) 

5 1 . (Previously Presented) The apparatus of claim 48, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 

52. (Previously Presented) The apparatus of claim 48, wherein receiving the 
first request, retrieving the first workflow, performing the first workflow, receiving the second 
request, retrieving the second workflow, and performing the second workflow are performed by 
an Identity System in communication with an Access System. 

53. (Currently Amended) The method of claim [[8]] 1, wherein obtaining an 
approval response comprises applying a Lightweight Directory Access Protocol (LDAP) filter to 
attributes of the identity profile for the first user. 

Please add the following new claims: 

54. (New) The method of claim 9, wherein the entity associated with the first 
user comprises a third user. 
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